der Mouse wrote:
I agree I am not sure that the problem is in the implementation either. From my point of view, the problem is in allowing malicious applications (or code) to have access to it in the first place.There is nothing at all in TCP or IP that says anything whatsoever about what privilege may or may not be necessary to establish a listen for incoming connections. If you must call this a flaw, at least place the "flaw" where it actually is - in the implementation(s). If an application is a File Compression utility, then there is no reason why it should have access to the TCP stack. And if they do need access to it (for example to check for updates), then those exceptions should be very well controlled and monitored. If this was doable (creating custom TCP Stacks) and practical, maybe that would be an alternative (since there is no better security countermeasure, than the one that removes the 'exploitable' target)I'm also not convinced it's a flaw at all; calling it one sounds to me like viewing a TCP stack designed for one environment from the point of view of a drastically different environment. In the environment most current TCP stacks were designed for, listening for connections on a "high" port should not be a restricted operation. In calling that a defect, you appear to be looking on it from a point of view which disagrees with that, which actually means just that you've picked the wrong TCP stack for your environment, not that there's anything wrong with the stack for its design environment. Dinis Cruz Owasp .Net Project www.owasp.net |
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
